Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BEA1E67CCE4F11EFB28C6895762E951A.roa
File: BEA1E67CCE4F11EFB28C6895762E951A.roa (raw, json)
Hash identifier: BLnsll+2/Crl9JQXBSoQavfeniUEBjGnoJ074WWWExI=
Subject key identifier: B5:47:2D:71:C1:B8:8E:6A:80:B2:F3:A3:85:8F:AF:88:D5:D6:23:49
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01383C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BEA1E67CCE4F11EFB28C6895762E951A.roa
Signing time: Thu 09 Jan 2025 06:05:37 +0000
ROA not before: Thu 09 Jan 2025 06:05:33 +0000
ROA not after: Fri 09 Jan 2026 06:05:33 +0000
asID: 17561
IP address blocks: 154.220.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79932 (0x1383c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 9 06:05:33 2025 GMT
Not After : Jan 9 06:05:33 2026 GMT
Subject: CN=677f6731-8455
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:76:b1:cd:58:c8:5c:a1:85:a5:91:77:7f:70:
b4:e6:5f:01:57:77:bd:1d:69:d6:67:3f:c3:6c:40:
10:eb:1c:6b:86:a5:fc:b9:5d:8f:d4:0a:6f:4f:2d:
3d:5e:c7:c7:21:22:69:4c:15:3e:b8:1b:98:99:c8:
b1:9a:27:91:79:1e:56:ac:9d:b1:10:b6:d0:70:c4:
51:39:f4:eb:e5:64:75:71:44:a1:ee:d1:13:d7:fb:
f5:38:57:c1:7c:df:45:ec:29:d2:f7:c4:86:87:ea:
c2:2e:03:de:30:1e:eb:08:69:79:59:83:96:05:f1:
fd:d6:a5:4d:1e:f7:60:84:ec:f4:53:0a:18:f5:56:
bb:59:e6:46:59:66:5c:8a:e8:26:19:57:70:29:4d:
37:c8:c8:42:50:de:da:aa:86:3f:f2:44:20:b5:7b:
81:79:64:e0:e2:2d:97:39:2b:db:a8:8c:c3:56:55:
6f:49:9f:3c:cc:f4:1c:6d:ef:66:cb:13:7d:6e:ee:
31:e4:1f:ca:7f:a9:43:48:3f:8f:74:73:d9:82:f3:
9b:17:73:03:02:78:e7:32:ee:fd:0f:2a:5d:58:2b:
8a:d2:ef:17:8b:8f:ed:16:14:5b:ec:0a:3a:15:c8:
d9:e3:ba:90:c1:66:17:f2:e0:73:ab:d7:6c:a8:0e:
15:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:47:2D:71:C1:B8:8E:6A:80:B2:F3:A3:85:8F:AF:88:D5:D6:23:49
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BEA1E67CCE4F11EFB28C6895762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.226.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:35:f7:f5:20:80:5e:61:a9:bc:4a:74:02:52:bb:2c:65:0f:
75:2c:33:6a:f8:6f:4a:ac:ec:4a:4e:63:a1:fd:6f:ff:37:e7:
f2:8f:12:4c:09:16:7e:ce:f4:0c:3c:16:7b:2b:0a:3f:fb:69:
e7:19:93:24:85:d2:ba:7c:b7:66:90:42:fb:94:4c:03:f8:06:
25:5c:3f:49:b7:6a:4b:cf:fa:2a:fb:3f:70:7b:9f:20:34:23:
be:2d:0c:77:88:ba:3f:de:63:f9:65:37:13:e8:f4:eb:64:eb:
03:be:c6:79:ac:17:b6:2b:64:70:77:0c:90:27:3e:ad:d1:28:
27:6c:4d:72:e2:dd:f5:30:57:8d:8e:28:bd:8a:ad:40:7a:b4:
a2:17:bd:e0:06:88:eb:df:79:e1:d1:df:83:0d:d9:16:38:7c:
dc:35:83:92:47:57:58:d8:95:e2:e0:6c:61:28:b5:a6:87:f1:
0c:f1:b8:56:68:d0:f6:d2:88:7c:9e:51:99:e6:39:7d:2b:77:
cd:61:ff:7b:4c:98:ab:44:5d:17:73:fc:ed:e6:3e:56:99:79:
9f:55:18:45:cf:6d:95:91:ca:db:6a:fe:8d:b3:f1:8a:a9:a4:
e6:5f:62:42:b8:d9:dd:e4:51:e9:2d:00:94:1b:4c:ce:32:d7:
da:56:e6:b6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATg8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA5MDYwNTMzWhcNMjYwMTA5MDYwNTMzWjAYMRYw
FAYDVQQDEw02NzdmNjczMS04NDU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxXaxzVjIXKGFpZF3f3C05l8BV3e9HWnWZz/DbEAQ6xxrhqX8uV2P1Apv
Ty09XsfHISJpTBU+uBuYmcixmieReR5WrJ2xELbQcMRROfTr5WR1cUSh7tET1/v1
OFfBfN9F7CnS98SGh+rCLgPeMB7rCGl5WYOWBfH91qVNHvdghOz0UwoY9Va7WeZG
WWZciugmGVdwKU03yMhCUN7aqoY/8kQgtXuBeWTg4i2XOSvbqIzDVlVvSZ88zPQc
be9myxN9bu4x5B/Kf6lDSD+PdHPZgvObF3MDAnjnMu79DypdWCuK0u8Xi4/tFhRb
7Ao6FcjZ47qQwWYX8uBzq9dsqA4VlwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLVH
LXHBuI5qgLLzo4WPr4jV1iNJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRUExRTY3Q0NFNEYxMUVGQjI4QzY4OTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtziMA0GCSqGSIb3DQEB
CwUAA4IBAQBdNff1IIBeYam8SnQCUrssZQ91LDNq+G9KrOxKTmOh/W//N+fyjxJM
CRZ+zvQMPBZ7Kwo/+2nnGZMkhdK6fLdmkEL7lEwD+AYlXD9Jt2pLz/oq+z9we58g
NCO+LQx3iLo/3mP5ZTcT6PTrZOsDvsZ5rBe2K2RwdwyQJz6t0SgnbE1y4t31MFeN
jii9iq1AerSiF73gBojr33nh0d+DDdkWOHzcNYOSR1dY2JXi4GxhKLWmh/EM8bhW
aND20oh8nlGZ5jl9K3fNYf97TJirRF0Xc/zt5j5WmXmfVRhFz22Vkcrbav6Ns/GK
qaTmX2JCuNnd5FHpLQCUG0zOMtfaVua2
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:17:19 2025 by rpki-client